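/// <summary>
/// Inspects an activity for an OAuthCard attachment and, when the card carries a token
/// exchange URI, attempts the token exchange and forwards the token to the calling skill.
/// </summary>
/// <param name="claimsIdentity">Caller identity; used to resolve the calling skill and stored in turn state under "BotIdentity".</param>
/// <param name="activity">Activity whose attachments are searched for the first OAuthCard.</param>
/// <returns>
/// The result of <c>SendTokenExchangeInvokeToSkillAsync</c> when a token was obtained.
/// <c>false</c> when there is no OAuthCard attachment, no calling skill, no exchange URI,
/// no token in the response, or when the exchange or the invoke throws.
/// </returns>
/// <exception cref="ArgumentNullException">The selected connection name setting is null or empty.</exception>
private async Task<bool> InterceptOAuthCards(ClaimsIdentity claimsIdentity, Activity activity)
{
    var oauthCardAttachment = activity.Attachments?.FirstOrDefault(a => a?.ContentType == OAuthCard.ContentType);
    if (oauthCardAttachment == null)
    {
        return false;
    }

    var targetSkill = GetCallingSkill(claimsIdentity);
    if (targetSkill == null)
    {
        return false;
    }

    // NOTE(review): the direct cast throws if Content is not a JObject; the attachment
    // content is supplied by the sender of the activity, so confirm that is acceptable.
    var oauthCard = ((JObject)oauthCardAttachment.Content).ToObject<OAuthCard>();
    if (string.IsNullOrWhiteSpace(oauthCard?.TokenExchangeResource?.Uri))
    {
        return false;
    }

    using (var context = new TurnContext(_adapter, activity))
    {
        context.TurnState.Add<IIdentity>("BotIdentity", claimsIdentity);

        // The connection used for the exchange depends on which skill is calling.
        // NOTE(review): this is a substring match on the skill id; an exact comparison
        // would be stricter if skill ids are fixed values - confirm.
        var connectionName = targetSkill.Id.Contains(WaterfallSkillBot)
            ? _configuration.GetSection("SsoConnectionName").Value
            : _configuration.GetSection("SsoConnectionNameTeams").Value;

        if (string.IsNullOrEmpty(connectionName))
        {
            // The single-string constructor treats its argument as the parameter name,
            // so the message has to be passed through the (paramName, message) overload.
            throw new ArgumentNullException(nameof(connectionName), "The connection name cannot be null.");
        }

        // AAD token exchange
        try
        {
            var result = await _tokenExchangeProvider.ExchangeTokenAsync(
                context,
                connectionName,
                activity.Recipient.Id,
                new TokenExchangeRequest() { Uri = oauthCard.TokenExchangeResource.Uri }).ConfigureAwait(false);

            if (!string.IsNullOrEmpty(result?.Token))
            {
                // A non-empty token means SSO succeeded: send an invoke to the skill with the token.
                return await SendTokenExchangeInvokeToSkillAsync(activity, oauthCard.TokenExchangeResource.Id, result.Token, oauthCard.ConnectionName, targetSkill, default).ConfigureAwait(false);
            }
        }
        catch (Exception ex)
        {
            // Show oauth card if token exchange fails.
            // The exception goes first so it is recorded with the entry; passed after the
            // message it is only a format argument and is dropped, because the message has
            // no placeholders.
            _logger.LogWarning(ex, "Unable to exchange token.");
            return false;
        }

        // Empty or missing token: SSO has failed.
        return false;
    }
}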
/// <summary>
/// Walks the OAuthCard attachments of an activity and, for the first one that carries a
/// token exchange resource and has a resolvable calling skill, attempts the token exchange.
/// </summary>
/// <param name="claimsIdentity">Caller identity; used to resolve the calling skill and stored in turn state under "BotIdentity".</param>
/// <param name="activity">Activity whose attachments are inspected.</param>
/// <returns>
/// The result of <c>SendTokenExchangeInvokeToSkill</c> when a token was obtained; otherwise <c>false</c>.
/// </returns>
private async Task<bool> InterceptOAuthCards(ClaimsIdentity claimsIdentity, Activity activity)
{
    if (activity.Attachments == null)
    {
        return false;
    }

    foreach (var candidate in activity.Attachments)
    {
        if (candidate?.ContentType != OAuthCard.ContentType)
        {
            continue;
        }

        // Resolved once per OAuthCard attachment, as in the original.
        var callingSkill = GetCallingSkill(claimsIdentity);
        if (callingSkill == null)
        {
            continue;
        }

        var card = ((JObject)candidate.Content).ToObject<OAuthCard>();

        // NOTE(review): the provider-id comparison is disabled in the original
        // (/*&& _tokenExchangeConfig.ProviderId == oauthCard.TokenExchangeResource.ProviderId*/),
        // so every card that carries a TokenExchangeResource triggers an exchange
        // against _connectionName.
        if (card.TokenExchangeResource == null)
        {
            continue;
        }

        using (var turnContext = new TurnContext(_adapter, activity))
        {
            turnContext.TurnState.Add<IIdentity>("BotIdentity", claimsIdentity);

            // AAD token exchange
            try
            {
                var exchangeRequest = new TokenExchangeRequest() { Uri = card.TokenExchangeResource.Uri };
                var exchangeResult = await _tokenExchangeProvider.ExchangeTokenAsync(
                    turnContext,
                    _connectionName,
                    activity.Recipient.Id,
                    exchangeRequest).ConfigureAwait(false);

                if (!string.IsNullOrEmpty(exchangeResult.Token))
                {
                    // Send an Invoke back to the Skill
                    return await SendTokenExchangeInvokeToSkill(activity, card.TokenExchangeResource.Id, exchangeResult.Token, card.ConnectionName, callingSkill, default(CancellationToken)).ConfigureAwait(false);
                }
            }
            catch
            {
                // Show oauth card if token exchange fails.
                // NOTE(review): this swallows every exception from the exchange and from the
                // invoke without logging, so the reason for a failed exchange is not recorded.
                return false;
            }

            // The first attachment that reaches the exchange decides the outcome.
            return false;
        }
    }

    return false;
}
/// <summary>
/// Takes the first OAuthCard attachment of an activity and, when it carries a token exchange
/// URI, attempts the token exchange with <c>_connectionName</c> and forwards the token to the
/// calling skill.
/// </summary>
/// <param name="claimsIdentity">Caller identity; used to resolve the calling skill and stored in turn state under "BotIdentity".</param>
/// <param name="activity">Activity whose attachments are searched for the first OAuthCard.</param>
/// <returns>
/// The result of <c>SendTokenExchangeInvokeToSkill</c> when a token was obtained; otherwise <c>false</c>.
/// </returns>
private async Task<bool> InterceptOAuthCards(ClaimsIdentity claimsIdentity, Activity activity)
{
    var cardAttachment = activity.Attachments?.FirstOrDefault(a => a?.ContentType == OAuthCard.ContentType);
    if (cardAttachment == null)
    {
        return false;
    }

    var callingSkill = GetCallingSkill(claimsIdentity);
    if (callingSkill == null)
    {
        return false;
    }

    var card = ((JObject)cardAttachment.Content).ToObject<OAuthCard>();
    if (string.IsNullOrWhiteSpace(card?.TokenExchangeResource?.Uri))
    {
        // No exchange URI on the card: nothing to exchange.
        return false;
    }

    using (var turnContext = new TurnContext(_adapter, activity))
    {
        turnContext.TurnState.Add<IIdentity>("BotIdentity", claimsIdentity);

        // AAD token exchange
        try
        {
            var exchangeRequest = new TokenExchangeRequest() { Uri = card.TokenExchangeResource.Uri };
            var exchangeResult = await _tokenExchangeProvider.ExchangeTokenAsync(
                turnContext,
                _connectionName,
                activity.Recipient.Id,
                exchangeRequest).ConfigureAwait(false);

            // A null result or empty token means SSO has failed and false is returned below.
            if (!string.IsNullOrEmpty(exchangeResult?.Token))
            {
                // Otherwise send an invoke to the skill with the token.
                return await SendTokenExchangeInvokeToSkill(activity, card.TokenExchangeResource.Id, exchangeResult.Token, card.ConnectionName, callingSkill, default).ConfigureAwait(false);
            }
        }
        catch
        {
            // Show oauth card if token exchange fails.
            // NOTE(review): this swallows every exception from the exchange and from the
            // invoke without logging, so the reason for a failed exchange is not recorded.
            return false;
        }

        return false;
    }
}
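/// <summary>
/// Walks the OAuthCard attachments of an activity and attempts a token exchange for the first
/// card whose token exchange resource names the provider configured in <c>_tokenExchangeConfig</c>.
/// </summary>
/// <param name="claimsIdentity">Caller identity; used to resolve the calling skill and stored in turn state under <c>BotAdapter.BotIdentityKey</c>.</param>
/// <param name="activity">Activity whose attachments are inspected.</param>
/// <returns>
/// The result of <c>SendTokenExchangeInvokeToSkill</c> when a token was obtained; otherwise <c>false</c>.
/// Exceptions from the exchange or from the invoke are not caught here and propagate to the caller.
/// </returns>
private async Task<bool> InterceptOAuthCardsAsync(ClaimsIdentity claimsIdentity, Activity activity)
{
    if (activity.Attachments == null)
    {
        return false;
    }

    BotFrameworkSkill targetSkill = null;
    foreach (var attachment in activity.Attachments.Where(a => a?.ContentType == OAuthCard.ContentType))
    {
        // Resolve the calling skill lazily and reuse it for later attachments.
        if (targetSkill == null)
        {
            targetSkill = GetCallingSkill(claimsIdentity);
        }

        if (targetSkill == null)
        {
            continue;
        }

        var oauthCard = ((JObject)attachment.Content).ToObject<OAuthCard>();

        // Only exchange for cards that name the configured provider; a missing or blank
        // configured provider never matches.
        var providerMatches = oauthCard?.TokenExchangeResource != null
            && _tokenExchangeConfig != null
            && !string.IsNullOrWhiteSpace(_tokenExchangeConfig.Provider)
            && _tokenExchangeConfig.Provider == oauthCard.TokenExchangeResource.ProviderId;
        if (!providerMatches)
        {
            continue;
        }

        using (var context = new TurnContext(_adapter, activity))
        {
            context.TurnState.Add<IIdentity>(BotAdapter.BotIdentityKey, claimsIdentity);

            // AAD token exchange
            // NOTE(review): the recipient id is passed before the connection name here.
            // Bot Framework's IExtendedUserTokenProvider.ExchangeTokenAsync takes
            // (turnContext, connectionName, userId, exchangeRequest); confirm the order
            // against the declared type of _tokenExchangeProvider.
            var result = await _tokenExchangeProvider.ExchangeTokenAsync(
                context,
                activity.Recipient?.Id,
                _tokenExchangeConfig.ConnectionName,
                new TokenExchangeRequest() { Uri = oauthCard.TokenExchangeResource.Uri }).ConfigureAwait(false);

            // A null response is treated like an empty token instead of dereferencing it.
            if (!string.IsNullOrEmpty(result?.Token))
            {
                // Send an Invoke back to the Skill
                return await SendTokenExchangeInvokeToSkill(activity, oauthCard.TokenExchangeResource.Id, result.Token, oauthCard.ConnectionName, targetSkill, default).ConfigureAwait(false);
            }

            // The first card that reaches the exchange decides the outcome.
            return false;
        }
    }

    return false;
}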